From 10e326b4b1d50ea5f9b2d8d024a696a1650950be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Laurent=20Gourv=C3=A9nec?=
Date: Thu, 17 Apr 2025 11:52:47 +0200
Subject: [PATCH] Ajout wazuh
---
wazuh-agent-container/Dockerfile | 17 +++++
wazuh-agent-k8s-autoadd/Dockerfile | 1 +
wazuh-agent-k8s-autoadd/cmd/cli/main.go | 19 ++++++
wazuh-agent-k8s-autoadd/go.mod | 5 ++
wazuh-agent-k8s-autoadd/go.sum | 2 +
.../internal/config/config.go | 20 ++++++
.../internal/wazuh/wazuh.go | 26 ++++++++
wazuh-agent-kustom/kustomization.yaml | 16 +++++
wazuh-agent-kustom/resources/daemonset.yaml | 66 +++++++++++++++++++
9 files changed, 172 insertions(+)
create mode 100644 wazuh-agent-container/Dockerfile
create mode 100644 wazuh-agent-k8s-autoadd/Dockerfile
create mode 100644 wazuh-agent-k8s-autoadd/cmd/cli/main.go
create mode 100644 wazuh-agent-k8s-autoadd/go.mod
create mode 100644 wazuh-agent-k8s-autoadd/go.sum
create mode 100644 wazuh-agent-k8s-autoadd/internal/config/config.go
create mode 100644 wazuh-agent-k8s-autoadd/internal/wazuh/wazuh.go
create mode 100644 wazuh-agent-kustom/kustomization.yaml
create mode 100644 wazuh-agent-kustom/resources/daemonset.yaml
diff --git a/wazuh-agent-container/Dockerfile b/wazuh-agent-container/Dockerfile
new file mode 100644
index 0000000..00dbfae
--- /dev/null
+++ b/wazuh-agent-container/Dockerfile
@@ -0,0 +1,17 @@
+FROM reg.cadoles.com/proxy_cache/library/debian:12.10
+
+RUN apt-get update \
+ && apt-get install -y gpg curl \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+RUN curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg
+
+RUN echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list
+
+RUN apt-get update \
+ && apt-get install -y wazuh-agent \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+CMD /var/ossec/bin/wazuh-control start
diff --git a/wazuh-agent-k8s-autoadd/Dockerfile b/wazuh-agent-k8s-autoadd/Dockerfile
new file mode 100644
index 0000000..f8c5d43
--- /dev/null
+++ b/wazuh-agent-k8s-autoadd/Dockerfile
@@ -0,0 +1 @@
+FROM golang:1.24 AS build
diff --git a/wazuh-agent-k8s-autoadd/cmd/cli/main.go b/wazuh-agent-k8s-autoadd/cmd/cli/main.go
new file mode 100644
index 0000000..ad88d24
--- /dev/null
+++ b/wazuh-agent-k8s-autoadd/cmd/cli/main.go
@@ -0,0 +1,19 @@
+package main
+
+import (
+ "log"
+ "os"
+
+ "forge.cadoles.com/cadoles/wazuh-agent-k8s-autoadd/internal/config"
+ "forge.cadoles.com/cadoles/wazuh-agent-k8s-autoadd/internal/wazuh"
+)
+
+func main() {
+ cfg, err := config.NewConfig()
+ if err != nil {
+ os.Exit(1)
+ }
+ log.Print(cfg.BaseURL)
+
+ // Faire l'appel
+}
diff --git a/wazuh-agent-k8s-autoadd/go.mod b/wazuh-agent-k8s-autoadd/go.mod
new file mode 100644
index 0000000..5dc0aff
--- /dev/null
+++ b/wazuh-agent-k8s-autoadd/go.mod
@@ -0,0 +1,5 @@
+module forge.cadoles.com/cadoles/wazuh-agent-k8s-autoadd
+
+go 1.23.3
+
+require github.com/caarlos0/env/v11 v11.3.1
diff --git a/wazuh-agent-k8s-autoadd/go.sum b/wazuh-agent-k8s-autoadd/go.sum
new file mode 100644
index 0000000..1724948
--- /dev/null
+++ b/wazuh-agent-k8s-autoadd/go.sum
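Review bot: The `CMD /var/ossec/bin/wazuh-control start` on the last line of the hunk is in shell form, so PID 1 is `/bin/sh -c`, which does not forward the SIGTERM Kubernetes sends at pod deletion; the agent is then killed at the end of the DaemonSet's `terminationGracePeriodSeconds: 30` instead of stopping cleanly. If `wazuh-control start` backgrounds the daemons and returns, as an init-style control script usually does, the container also exits as soon as the script does, so the entrypoint should be exec-form and keep a process in the foreground — for instance a small wrapper that starts the agent and then waits on the agent process (to be confirmed against what `wazuh-control` actually does). The `wazuh-agent` package on the second `apt-get install` line is unpinned, so each rebuild may pull a different 4.x release; `apt-get install -y wazuh-agent=<pinned version>` keeps the image reproducible and reviewable. The signing key is piped straight from `curl` into `gpg --import` with no fingerprint check, so anything the proxy or download path serves is trusted silently; compare the imported key's fingerprint against a value recorded in the Dockerfile before trusting the repository. The image declares no `USER`, so the agent runs as root unless the DaemonSet sets one; if root is required for its checks, say so in a comment so the choice is visible.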
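Review bot: The wazuh-agent-k8s-autoadd Dockerfile stops after `FROM golang:1.24 AS build`: the `build` stage never copies the module or runs `go build`, and there is no runtime stage, so the image the `wazuh-register` init container would run is the bare Go toolchain with no binary. A complete version copies the module in, builds a static binary from `./cmd/cli`, and copies it into a minimal final image that runs as a non-root user, which also lines up with the `runAsNonRoot: true` the DaemonSet sets on the init container. The proxy-cache registry used by the other Dockerfile (`reg.cadoles.com/proxy_cache/…`) presumably applies to the base images here as well.
```dockerfile
FROM golang:1.24 AS build
WORKDIR /src
COPY go.mod go.sum ./
RUN go mod download
COPY . .
RUN CGO_ENABLED=0 go build -o /out/wazuh-agent-k8s-autoadd ./cmd/cli

FROM gcr.io/distroless/static-debian12:nonroot
COPY --from=build /out/wazuh-agent-k8s-autoadd /wazuh-agent-k8s-autoadd
USER nonroot
ENTRYPOINT ["/wazuh-agent-k8s-autoadd"]
```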
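Review bot: main.go does not build: the `wazuh` package is imported on the eighth line of the hunk but never used, which Go rejects as a compile error. The `os.Exit(1)` on a config error exits without any message at this layer and relies on the `log.Print(err)` inside `config.NewConfig` (config.go hunk), so the same error is handled in two places; prefer `log.Fatalf("loading config: %v", err)` here and drop the log in `NewConfig`. The bare `log.Print(cfg.BaseURL)` reads as a debugging trace; if it is meant to stay, label it so it can be correlated in the init container's logs, e.g. `log.Printf("registering agent with manager at %s", cfg.BaseURL)`.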
@@ -0,0 +1,2 @@
+github.com/caarlos0/env/v11 v11.3.1 h1:cArPWC15hWmEt+gWk7YBi7lEXTXCvpaSdCiZE2X5mCA=
+github.com/caarlos0/env/v11 v11.3.1/go.mod h1:qupehSf/Y0TUTsxKywqRt/vJjN5nz6vauiYEUUr8P4U=
diff --git a/wazuh-agent-k8s-autoadd/internal/config/config.go b/wazuh-agent-k8s-autoadd/internal/config/config.go
new file mode 100644
index 0000000..6cc076c
--- /dev/null
+++ b/wazuh-agent-k8s-autoadd/internal/config/config.go
@@ -0,0 +1,20 @@
+package config
+
+import (
+ "github.com/caarlos0/env/v11"
+ "log"
+)
+
+type Config struct {
+ BaseURL string `env:"WAZUH_MANAGER_BASE_URL,required,notEmpty"`
+}
+
+func NewConfig() (*Config, error) {
+ cfg := &Config{}
+ if err := env.Parse(cfg); err != nil {
+ log.Print(err)
+ return nil, err
+ }
+
+ return cfg, nil
+}
diff --git a/wazuh-agent-k8s-autoadd/internal/wazuh/wazuh.go b/wazuh-agent-k8s-autoadd/internal/wazuh/wazuh.go
new file mode 100644
index 0000000..df975cf
--- /dev/null
+++ b/wazuh-agent-k8s-autoadd/internal/wazuh/wazuh.go
@@ -0,0 +1,26 @@
+package wazuh
+
+import (
+ "encoding/json"
+ "log"
+ "net/http"
+
+ "forge.cadoles.com/cadoles/wazuh-agent-k8s-autoadd/internal/config"
+)
+
+func AddAgent(cfg Config) (error) {
+ // Craft jwt
+
+ resp, err := http.DefaultClient.Post(cfg.BaseURL + "/agents")
+ if err != nil {
+ return false, err
+ }
+ defer resp.Body.Close()
+
+ switch resp.StatusCode {
+ case http.StatusOK:
+ return nil
+ default:
+ return false, fmt.Errorf("Bad status: %d", resp.StatusCode)
+ }
+}
diff --git a/wazuh-agent-kustom/kustomization.yaml b/wazuh-agent-kustom/kustomization.yaml
new file mode 100644
index 0000000..15b36fa
--- /dev/null
+++ b/wazuh-agent-kustom/kustomization.yaml
@@ -0,0 +1,16 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+- ./resources/daemonset.yaml
+
+secretGenerator:
+- name: wazuh-agent-secret
+ literals:
+ - A=A
+
+configMapGenerator:
+- name: wazuh-agent-env
+ literals:
+ - A=A
+
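Review bot: `BaseURL` is accepted as an arbitrary string and is concatenated into the request URL in wazuh.go, where the manager API token will be sent; `NewConfig` should verify it parses as an absolute `https` URL with a host before returning, so a misconfigured `WAZUH_MANAGER_BASE_URL` (plain `http`, an empty host, a stray trailing slash) fails fast instead of sending the credential to the wrong place or over cleartext. The `log.Print(err)` immediately before `return nil, err` logs and returns the same error; wrap it with context and let `main` decide what to log. The import block lists the third-party `env` package before stdlib `log`; `goimports` ordering puts the standard library first, and the sketch below needs `fmt`, `net/url` and `strings` added to it. The struct only carries the base URL while the `// Craft jwt` line in wazuh.go implies API credentials are also needed; presumably they will be added here from the secret the DaemonSet injects rather than read ad hoc elsewhere.
```go
func NewConfig() (*Config, error) {
	cfg := &Config{}
	if err := env.Parse(cfg); err != nil {
		return nil, fmt.Errorf("parsing environment: %w", err)
	}
	// The manager API token is sent to this URL, so accept only an https origin.
	u, err := url.Parse(cfg.BaseURL)
	if err != nil || u.Scheme != "https" || u.Host == "" {
		return nil, fmt.Errorf("WAZUH_MANAGER_BASE_URL must be an absolute https URL, got %q", cfg.BaseURL)
	}
	// Callers append "/agents" themselves; avoid a doubled slash.
	cfg.BaseURL = strings.TrimRight(cfg.BaseURL, "/")
	return cfg, nil
}
```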
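Review bot: `AddAgent` does not compile: `Config` is not defined in this package (the import is `config`, so the parameter type is `*config.Config`), the function declares a single `error` result but both error paths `return false, err`, `fmt` is used without being imported, `encoding/json` and `log` are imported but unused, and `http.Client.Post` takes a URL, a content type and a body rather than one argument. Beyond the build, the call goes through `http.DefaultClient`, which has no timeout, so a manager that accepts the connection and never answers blocks the `wazuh-register` init container indefinitely and the pod never leaves Init; build the request with `http.NewRequestWithContext` and use a client with a deadline. The `// Craft jwt` comment is the only trace of authentication — nothing attaches a token to the request, so as written the call would reach the manager unauthenticated and be rejected. The sketch below keeps the JWT acquisition and the registration payload as open items (the hunk's comment and `http.NoBody`); it needs `context`, `fmt` and `time` imported in place of the unused ones.
```go
// AddAgent registers this node with the Wazuh manager at cfg.BaseURL.
// token is the manager API JWT; obtaining it is still to be written.
func AddAgent(ctx context.Context, cfg *config.Config, token string) error {
	// … unchanged: // Craft jwt …
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, cfg.BaseURL+"/agents", http.NoBody)
	if err != nil {
		return fmt.Errorf("building agent request: %w", err)
	}
	req.Header.Set("Authorization", "Bearer "+token)
	req.Header.Set("Content-Type", "application/json")

	// Bound the call so a silent manager cannot hang the init container.
	client := &http.Client{Timeout: 30 * time.Second}
	resp, err := client.Do(req)
	if err != nil {
		return fmt.Errorf("registering agent: %w", err)
	}
	defer resp.Body.Close()

	if resp.StatusCode != http.StatusOK {
		return fmt.Errorf("registering agent: unexpected status %d", resp.StatusCode)
	}
	return nil
}
```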
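Review bot: `secretGenerator` on the seventh line of the kustomization hunk builds `wazuh-agent-secret` from `literals`, so once the `A=A` placeholder is replaced by the manager credentials they will sit in plaintext in this file and in git history; use `envs:` or `files:` pointing at an untracked file, or an externally managed secret (sealed/encrypted, or synced from a vault) referenced by the DaemonSet instead. The `A=A` placeholder in `configMapGenerator` means the DaemonSet's `envFrom` injects nothing the Go code reads; the variable it needs is `WAZUH_MANAGER_BASE_URL`, and that belongs here rather than in the secret. The kustomization declares no `namespace:`, while the DaemonSet sets `namespace: kube-system`; presumably the generated ConfigMap and Secret would then be created in the default namespace and the hashed-name rewrite would not apply across namespaces, leaving the pod referencing objects that do not exist — adding `namespace: kube-system` here keeps them together.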
diff --git a/wazuh-agent-kustom/resources/daemonset.yaml b/wazuh-agent-kustom/resources/daemonset.yaml
new file mode 100644
index 0000000..091ea56
--- /dev/null
+++ b/wazuh-agent-kustom/resources/daemonset.yaml
@@ -0,0 +1,66 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: wazuh-agent
+ namespace: kube-system
+ labels:
+ app.kubernetes.io/name: wazuh-agent
+spec:
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: wazuh-agent
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: wazuh-agent
+ spec:
+ initContainers:
+ - name: wazuh-register
+ image: ??
+ envFrom:
+ - configMapRef:
+ name: wazuh-agent-env
+ - secretRef: # Peut-être à décortiquer plutôt
+ name: wazuh-agent-secret
+ resources:
+ limits:
+ memory: 200Mi
+ cpu: 500m
+ requests:
+ memory: 100Mi
+ cpu: 100m
+ volumeMounts:
+ - name: ossec-etc
+ mountPath: /var/ossec/etc/
+ securityContext:
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ runAsUser: 1000
+ containers:
+ - name: wazuh-agent
+ image: ??
+ envFrom:
+ - configMapRef:
+ name: wazuh-agent-env # nécessaire ?
+ - secretRef: # Peut-être à décortiquer plutôt
+ name: wazuh-agent-secret
+ # TODO: add liveness, readiness, startup probes with ports if necessary
+ resources:
+ limits:
+ cpu: 500m
+ memory: 512Mi
+ requests:
+ cpu: 100m
+ memory: 200Mi
+ volumeMounts:
+ - name: var-log
+ mountPath: /var/log
+ readOnly: true
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: var-log
+ hostPath:
+ path: /var/log
+ - name: ossec-etc
+ emptyDir:
+ sizeLimit: 1Mi
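Review bot: The `ossec-etc` volume is mounted only by the `wazuh-register` init container (`mountPath: /var/ossec/etc/`); the `wazuh-agent` container mounts just `var-log`, so whatever the registration writes there never reaches the agent and the init step has no effect. Mount `ossec-etc` in the agent container as well, preferably with a `subPath` for the specific file the registration produces rather than over the whole `/var/ossec/etc/`, which would otherwise hide the configuration files the package installs there. `wazuh-agent-secret` is injected via `envFrom` into both containers, but only the registration step needs manager credentials — the author's own `# nécessaire ?` points the same way — so drop the `secretRef` from the agent container to keep the credential out of the long-running process. The agent container has no `securityContext` and the image declares no `USER`, so it runs as root with the host's `/var/log` mounted; if root is required for the agent's checks, state it and still set `allowPrivilegeEscalation: false` on that container. With no `tolerations`, the DaemonSet will not be scheduled on tainted control-plane nodes, which presumably is not what a node-level monitoring agent wants.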